
Mitigating Active Shooting Incidents and Sniper Attacks on the Bulk Power Grid

Conceptual foundations and performance requirements for mitigating gunfire and explosive attacks designed to disrupt energy services

June 2014

Executive Summary

The April 16, 2013 attack on California's Metcalf Substation points to the vulnerability of our power grid facilities to physical attacks designed to disrupt electrical service. According to authorities, one or more individuals took advantage of external line-of-sight access to open fire into the facility using high-powered firearms. Extensive damage was caused to some of the facility’s critical components, thereby disabling multiple transformers, resulting in more than $15M in damages. It is believed that the attack's duration exceeded 19 minutes and those responsible were able to flee the scene prior to the arrival of first responders. The operators were able to avoid a blackout by rerouting power around the site and asking power plants in Silicon Valley to produce more electricity, but it took utility workers approximately four weeks to repair and bring the substation back online. Officials believe that this well-coordinated attack could be a “dress rehearsal” for a larger attack at multiple locations, which could potentially disrupt services for months.

Bulk electric systems and other critical infrastructure locations within the United States remain extremely vulnerable to attacks by individuals and groups harboring a variety of motives bent on destruction, denial of service, and the disruption of commerce. There are thousands of critical electrical transformers in the United States, which function to support three primary power networks. Because electrical substations are often located in remote areas (and not within the regularly travelled patrol routes of public safety officers) they are especially vulnerable to well planned, multi-pronged attacks by heavily armed, active shooters and trained terrorists with the potential to cause significant damages and have a profound impact.

Was the Metcalf Substation attack a test run for a much larger and coordinated attack at multiple power grid locations? How much undetected preplanning was conducted? How well are emergency response plans coordinated between public safety agencies and power providers? If a large scale, well-coordinated, multi-location attack were to occur, would security mechanisms currently in place sufficiently mitigate such an attack with minimal disruption to the grid?

Although the Metcalf Substation attack did not cause a serious disruption in electrical service, it raises serious questions on how to balance the requirements for both physical and cyber security at our Nation's critical infrastructure facilities. It’s important that we are now turning needed attention to address these vulnerabilities and implement appropriate security solutions.

Copyright © 2014 SST, Inc™. All rights reserved. ShotSpotter SiteSecure™, ShotSpotter Flex℠, ShotSpotter Onsite™, ShotSpotter SpecialOps™, ShotSpotter®, ShotSpotter Gunshot Location System® SecureCampus and the ShotSpotter logo are trademarks of SST, Inc™. SST and ShotSpotter technology is protected by one or more issued and foreign patents, with other domestic and foreign patents pending. Substation Whitepaper 031114.docx


Background

Critical Findings of the Metcalf Substation Attack

- Motion sensors did not detect the attack until approximately 10 minutes after the attack was initiated
- The attackers used high-powered weapons firing projectiles capable of penetrating vulnerable transformer components
- Over one hundred 7.62mm rounds were fired during the attack well before the arrival of responding police
- The attack appears to have been well planned and was most likely scouted in advance of the assault
- A similar, coordinated attack on multiple substations could disrupt power to a large area for weeks or months

Motivating Challenges

1. Minutes matter—even the time to call 9-1-1 and explain the situation. High-powered rifles have the potential to inflict tremendous damage quickly, from many angles and distances at the same time. Sites are also extremely vulnerable to attacks from a wide variety of easily obtainable weapons of mass destruction.

2. Motion sensor technology and camera systems are ineffective in detecting gunfire attacks. Neither a motion detector nor a camera can see a bullet after it is fired.

3. First responders need precise, accurate location information when they are dispatched. Because gunfire attacks can occur at considerable distances, responding police officers require real-time, tactical intelligence to support an effective and safe response.

4. An effective security strategy must include the ability to detect and identify coordinated attacks occurring at multiple locations across a large, highly distributed infrastructure network.


Technology to Expedite/Support Protective Measures

Early Detection

The research tells us that there is a substantial time range of possible threat detection, from the time that a shooter forms the intent to commit mass destruction, to the time that he posts dark thoughts on social media or alerts friends, to the time that he acquires a firearm, to the time that he purchases ammunition on-line, to the time that he arrives at the site and enters, and, finally, to the final moment at which he actually starts shooting. Everything prior to the shooter’s arrival at the site can be classed as “early detection.” Early detection promises the opportunity to interdict an event before it happens. In counter-terrorist circles, early detection is the stuff of intelligence agencies and legal interception operations. Such techniques are of limited (if any) availability to traditional law enforcement in combating active shooters.

Enhancing Tactical Response—Seconds Matter

Suppose early detection fails. Suppose, for any number of reasons, that early detection of the threat turns out either to be impossible or simply does not happen. What measures can be taken in the earliest moments of an active shooter scenario or WMD attack which might mitigate the damage, lessen the shooter’s progress, or otherwise impede his ability to cause loss of life or disrupt commerce?

Rapid incident detection and the swift deployment of emergency countermeasures, coupled with the rapid deployment of armed first responders, can make the difference between an incident in which an active shooter is able to inflict damage capable of disrupting electrical power to a wide area and an incident where the threat is quickly identified, contained and eliminated with the assistance of rapidly disseminated tactical intelligence.

Improving the effectiveness of law enforcement and security operations necessarily involves developing both technology and protocols to minimize delays in threat detection, initiate internal protective measures, and rapidly activate police and, when required, fire and medical first responders.

Gunshot Detection (Gunfire Location Alerts) Speeds Tactical Response

During an attack, critical time is lost as security or other dedicated response personnel first seek to establish the nature of the attack—and, indeed, whether there is an attack in the first place. Video cameras and motion detectors simply do not detect bullets flying through the air. Thus a coordinated active shooter incident may only become evident after visible damage is done to the substation equipment itself.

Security personnel may be unable to alert 9-1-1 or trigger internal alerts because they are fully engaged in protective actions or are themselves under attack. Moreover, 9-1-1 centers themselves necessarily require a several-minute protocol to establish the veracity and precise nature of calls reporting possible attacks. Each of these steps (first establishing what is going on, second reaching 9-1-1, and third proceeding through the 9-1-1 phone protocol) takes critical minutes—time during which an active shooter can proceed (and historically has proceeded) with his attack. Even this best-case analysis assumes that someone (anyone) actually calls 9-1-1 and provides enough information to be helpful. From urban studies, we know that fewer than 1 in 5 (fewer than 20%) of gunfire incidents result in a 9-1-1 call, and of those few, the average call comes in four minutes later and from a distance of 1/5 of a mile or further away. Such imprecise information is at best only marginally helpful to first responders and at worst a waste of valuable resources.

The research shows there may only be a ten-minute window of opportunity to intervene decisively, contain an active shooter and minimize damage and harm. When a substantial amount of this time is spent following the existing protocols built around spotty voluntary reporting of local residents, with no technological assistance or speed improvement, the results have been tragic.


Gunshot Detection Technology as a Decision Support Tool

Gunshot detection technology and the security infrastructure in which it is embedded provide both internal and external responders a steady stream of information to support incident decision-making. Additionally, gunshot detection technology can support several types of decisions and resultant actions: automated alerts and triggers, protocol-based actions, and command and control courses of action.

Critical Performance Requirements

The technology must meet a number of critical performance requirements:

- It must be reliable. Reliability has two dimensions: One is an extremely low rate of false positives (reporting events as gunshots which are not in fact gunshots); the other is a near-zero rate of false negatives (all gunshots are detected and reported). The technology also must provide coverage of a wide area surrounding a substation in which attacks can be initiated at a distance using long-range weaponry.

- It must address the full spectrum of projectile threats. That is, it must provide accurate and timely information regarding subsonic and supersonic gunfire and explosions occurring in an outdoor (and in some cases an indoor) environment. Many technologies, particularly those originally deployed for military purposes, can detect and accurately locate only super-sonic projectiles, but only a very few technologies can detect and accurately locate super-sonic threats, sub-sonic threats, and explosions. Sub-sonic munitions are commonly employed by special operations forces to minimize the acoustic signature of their attacks; such ammunition is readily available in the United States and presents itself as the easiest means of defeating systems which focus on super-sonic projectiles.

- It must provide meaningful intelligence to expedite and guide first responders in real-time. By reducing uncertainty—the number of unknowns—gunshot detection technology can provide internal and external responders with clarity regarding a gunshot threat. As a result, rather than delaying action while they attempt to make sense of a confusing situation, key personnel can immediately initiate protective actions, knowing that the system is triggering both internal and 9-1-1 alerts. Precious minutes are saved. The system, especially if technology components interact, can also provide police responders with updated information with which to track a shooter’s movements.

- It must compress the detection-alert-response cycle to contain and neutralize active shooter threats rapidly. Shaving time—minutes, even seconds—from each stage in that cycle can significantly minimize damage to a facility. In this regard, the most important referent is the “ten-minute window” of intervention mentioned above.

- It must provide situational awareness to first responders, such as number of shooters, number of weapons fired, direction of fire (towards or away from critical assets, etc.) and make it easy to visualize the progress of an assault team as it engages a target.

- It must integrate into a comprehensive threat detection-response management system that integrates technology, written response protocols, and user training, both initial and refresher (including discussions, case studies, table talks, scenario-based talk- and walk-throughs, hands-on exercises).

- Must detect gunfire in the immediate vicinity of a substation even if the detected gunfire is not directed at the facility. It appears that the suspects involved in Metcalf may have fired rounds prior to the attack to test/probe potential law enforcement response methods.


- Must integrate with video surveillance assets regardless of the relative locations of the cameras and the gunshot detection sensors (i.e., in the same place—collocated—or separately positioned—non-collocated—for their own optimal operation). Gunfire and explosive event detection must trigger video management systems or cameras directly to pan, tilt and zoom to the location of detected gunfire. An integrated gunfire detection and camera system must also have the ability to direct multiple cameras, simultaneously, to the same target, multiple targets, or follow rules or pre-defined commands, because individual cameras may not have line-of-sight to all gunfire events, and it may be necessary to aim other cameras (from other locations) to get a glimpse of the attacker. (Note: in order to properly direct a non-collocated camera to an incident, an accurate longitude/latitude solution, or geolocation, is required. “Range and bearing” solutions, although useful for immediately returning fire or for a single, collocated camera asset, do not provide an easy mechanism by which to aim other cameras from different perspectives.)

- Must have the ability to detect supersonic, subsonic, kinetic and explosive threats from all directions. Subsonic munitions such as the .458 SOCOM round must be as easily detected and located as a more traditional .308 Winchester. Moreover, differentiating “true positives” (actual gunfire) from “true negatives” (loud “bangs” which a neighbor reports to law enforcement) is equally critical: the system must detect, locate, and correctly identify as non-threatening such non-gunfire events.

- For false alarm reduction, the system must be able to turn cameras towards loud, impulsive/explosive sounds thought not to be gunfire, so that a visual verification of such “true negative” cases can be made. This capability is of particular importance in remote environments, where on-duty personnel may be miles away. It is far less expensive to turn a camera towards a loud “bang” than to send personnel or law enforcement to investigate when a neighbor reports a loud “bang” which turns out to be a false alarm.

- Must provide audio playback on a sensor-by-sensor basis of a detected incident in near real time, automatically distributed to first responders and via alerting API. Audio playback permits rapid assessment of the nature of the threat, the number of shooters, and the kinds of weapons involved. It also provides critical situational awareness to first responders.

- Must provide fully contextualized alerts that include location on satellite imagery and/or CAD or substation ground plans (blueprints), along with situational data such as number of rounds fired, cycling rate, number of unique weapons being fired, and other information that can be derived from the audio.

- Have the ability to detect shooters moving while firing, including direction and speed (vector) of travel.

- Have the ability, in real time, to simultaneously broadcast geolocated, contextualized event data alerts anywhere worldwide that they are required, including information on simultaneous, multiple-location incidents.

- Provide an enterprise-scale, secure database of all detected events that is searchable and provides archived incident data that is court-admissible and can be used for incident investigations, pattern recognition, and other analysis when required.

- Locate the latitude and longitude point (not just bearing and range) origin of the threat within 10 meters of the firing point and automatically calculate range and bearing from multiple cameras/sensors/etc. to the origin of detected gunfire.


- If desired, detect and report whether a supersonic round has been fired at the substation (or other protected area), and not merely nearby. (Note: such functionality requires that the “sonic crack” of the bullet be audible, which is only the case for approximately 50 meters distance off the trajectory of the bullet. If this feature is desirable, it will necessarily increase sensor density in order to detect this sound.)

- Have the ability to detect 100% of all direct inbound fire at a substation from all angles of directed gunfire (360 degrees).

- Provide a purpose-built map-based user interface for reporting to 911, security operation centers, and emergency responders.

- Support a review-and-respond workflow, if desired, so that any incident can immediately trigger local surveillance assets (e.g. video cameras), and only thereafter be reviewed and verified before alerting law enforcement or first responders. Split workflow paths permit quickest response and low incidence of false positives.

Detection and Incident Evaluation

Incoming detections should be vetted through a qualified gunshot detection monitoring center. Incident analysis should be conducted using as many evaluation parameters as possible, including in particular:

- The acoustic audio signal (“waveform”) and what it sounds like
- The number, timing, and rhythm of rounds fired (e.g. how many shooters? Is this a fully-automatic weapon?)
- Recent events (e.g., has someone been shooting/hunting/sporting nearby?)
- Sound propagation distance (e.g. at how many locations and at what distance was the sound heard?)

When gunfire occurs in the vicinity of a substation, sensors and software triangulate and pinpoint the precise location of each round fired within seconds. If desired, immediate actions such as aiming/directing multiple video cameras, locking of locks, raising of bollards, or other on-site precautions can be immediately initiated.


In parallel, detailed incident data must be immediately sent to an Incident Review Center (IRC), a secure data processing and alert qualification facility.

The following teams can be alerted simultaneously, or per defined process, to create a coordinated and collaborative response to identified incidents:

- Corporate Security Control or Operations Center – Responsible for management of the organization's overall security plans, escalation processes, and procedures
- Systems Operations System – Responsible for the monitoring, diagnostics, and maintenance of the organization's systems, products, and devices
- Critical Personnel – Alerts can be sent 24x7 to necessary critical personnel via smart phones, tablets, or laptops
- Local law enforcement agencies – 9-1-1 dispatch centers or other Public Safety Answering Points (PSAP)

Protecting Remote Areas

Because a large percentage of power substation facilities are located in remote areas, the ability to rapidly identify gunfire and explosive threats to power grid facilities is essential—as is the ability to detect and determine as non-threatening potential false alarms (other loud, impulsive noises which do not constitute threats). Immediately upon the detection of events which are actually a threat, the system can quickly set in motion operational protocols that can focus additional surveillance assets on the origin, mitigate damage, initiate procedures to limit or prevent interruptions of power service, and trigger the rapid deployment of law enforcement and repair personnel.

Notification of Critical Personnel

All substation facilities must have safety plans in place that dictate actions to be taken during critical incidents, to include gunfire attacks. Emergency security procedures are common; however, communication during critical incidents can be poor and often nonexistent.

Gunshot location technology must have the ability to quickly and automatically alert critical personnel when an attack has been detected. The following notification platforms should be included:

- Security Operations Center Alerting: Detected events are immediately viewable on any designated computer
- Key Personnel: Alerts can be automatically transmitted to mobile devices using SMS or email messaging
- 9-1-1 Dispatch Center Alerting: Public Safety Dispatch Centers are immediately notified of an event within 1-2 seconds after review.

Mobile alerts enable first responders to quickly assess tactical response issues

Real-time mobile device integration affords the ability for first responders and specially trained on-site personnel to quickly visualize the location of detected gunfire.


Situational Awareness for First Responders

Gunshot detection technology can rapidly determine the precise location of gunfire where it occurs. First responders can quickly determine if the suspect(s) are mobile and adjust their tactical response based upon live information. This Situational Awareness directly addresses Challenge #3.

Automated Notifications

Detected gunfire notifications should contain the full contextual information relating to an incident:

- Geographic coordinates (latitude/longitude) of the incident
- Range (distance) and bearing (angle) and elevation (angle) to the incident from any number of perspectives (e.g. cameras, guard posts, etc.)
- Date and time of incident (accurate within 0.1 second, UTC offset)
- Number of rounds fired
- Textual description of circumstances (e.g. “Shooter moving NE at 6 mph” or “Possible multiple shooters” or “Possible fully-automatic weapon”)
- Geographic boundaries of incident: three layers of geographic polygons (geofences) can be reported (often used for street address, police beat, and jurisdictional boundaries in public safety; can be customized to any pattern for SiteSecure)
- Calculated zoom factor for cameras
- Callback URLs for audio (.mp3 and .wav) of incident from each sensor
- Callback URL for image (.png) of audio waveform
- Review workflow status (unreviewed, reviewed, etc.)
- Name/identifier of originating system (used when multiple physical locations are monitored)
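
The range-and-bearing fields above, and the earlier requirement that a latitude/longitude fix is needed to aim non-collocated cameras, can be worked through as follows. This is an added example, not code from the whitepaper or from any SST product; the coordinates, camera names, spherical-Earth model and the field-of-view rule derived from the 10-meter accuracy figure are all constructed assumptions.

```python
import math

EARTH_RADIUS_M = 6_371_000.0  # mean Earth radius; spherical model (assumption)


def range_and_bearing(observer, target):
    """Return (range in metres, true bearing in degrees) from observer to target.

    Both points are (latitude, longitude) tuples in decimal degrees.
    """
    lat1, lon1 = map(math.radians, observer)
    lat2, lon2 = map(math.radians, target)
    dlat, dlon = lat2 - lat1, lon2 - lon1
    # Haversine distance along the great circle.
    a = (math.sin(dlat / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin(dlon / 2) ** 2)
    rng = 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))
    # Initial bearing, normalised to 0..360 degrees clockwise from true north.
    y = math.sin(dlon) * math.cos(lat2)
    x = (math.cos(lat1) * math.sin(lat2)
         - math.sin(lat1) * math.cos(lat2) * math.cos(dlon))
    return rng, math.degrees(math.atan2(y, x)) % 360.0


def geolocate_from_polar(observer, range_m, bearing_deg):
    """Turn one sensor's range/bearing report into a latitude/longitude fix.

    A polar report only aims an asset standing at the reporting sensor;
    converting it to coordinates is what lets every other asset compute
    its own pointing solution.
    """
    lat1, lon1 = map(math.radians, observer)
    d = range_m / EARTH_RADIUS_M
    brg = math.radians(bearing_deg)
    lat2 = math.asin(math.sin(lat1) * math.cos(d)
                     + math.cos(lat1) * math.sin(d) * math.cos(brg))
    lon2 = lon1 + math.atan2(math.sin(brg) * math.sin(d) * math.cos(lat1),
                             math.cos(d) - math.sin(lat1) * math.sin(lat2))
    return math.degrees(lat2), math.degrees(lon2)


def camera_cues(incident, cameras, location_error_m=10.0):
    """Compute a pan cue for every camera from one geolocated incident.

    fov_deg is the horizontal angle a camera must cover so that a circle of
    radius location_error_m around the reported point stays in frame
    (hypothetical rule; elevation/tilt is not modelled here).
    """
    cues = {}
    for name, position in cameras.items():
        rng, brg = range_and_bearing(position, incident)
        if rng <= location_error_m:
            fov = 360.0  # camera is inside the uncertainty circle
        else:
            fov = 2 * math.degrees(math.asin(location_error_m / rng))
        cues[name] = {"range_m": rng, "bearing_deg": brg, "fov_deg": fov}
    return cues


# Constructed sample data: an incident fix and two non-collocated cameras.
INCIDENT = (40.0, -100.0)
CAMERAS = {
    "cam-south": (39.999, -100.0),   # due south of the incident
    "cam-east": (40.0, -99.998),     # due east of the incident
}

if __name__ == "__main__":
    for name, cue in camera_cues(INCIDENT, CAMERAS).items():
        print(f"{name}: pan {cue['bearing_deg']:.2f} deg, "
              f"range {cue['range_m']:.1f} m, cover {cue['fov_deg']:.2f} deg")
```

The same incident yields a different bearing for each camera, which is why a single sensor's range-and-bearing report has to be converted to coordinates before it can cue assets at other positions.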


Complementary Technologies

A number of associated and related technologies can be integrated to provide a 360-degree security solution at critical infrastructure locations. The following is intended as an indicative list of such technologies and not an exhaustive list:

Sensing/Network
- Security and alarm networks
- Existing technology networks (e.g., WiFi)

Video
- Video Surveillance
- Video Management Systems (VMS)

Infrastructure
- Physical Security Information Management (PSIM)
- Site security and building management technologies
- Physical security measures (bollards, locks, shields)

Organizational
- Computer-Aided Dispatch (CAD)
- Common Operating Picture (COP) systems

Alerting
- First responder notification and alerting technologies
- SMS and other electronic broadcast techniques
- Public Address (PA) and other alert sirens


Summary

Revisiting the Four Key Challenges

At the beginning of this whitepaper, we presented four motivating challenges, which drove the rest of our development. We repeat them here, highlighting the mechanism by which the whitepaper addresses each challenge:

1. Minutes matter—even the time to call 9-1-1 and explain the situation:

Gunshot detection and alert technology removes minutes from response by providing persistent surveillance for triggering, explosive acoustic events, automatically reporting them to a 24x7x365 infrastructure already built for real-time response to gunfire, and then automating the process of notifying first responders.

2. Current motion sensor technology and camera systems are ineffective in detecting gunfire and explosive attacks:

SST technology, coupled with its 24x7x365 Incident Review Center, ensures that gunfire and explosive attacks are immediately identified and that operational protocols that can mitigate damage are quickly implemented. Additional benefits include the triggering of procedures to limit or prevent interruptions of power service, and the rapid deployment of law enforcement and repair personnel.

3. First responders need precise, accurate information when they arrive on scene:

When first responders arrive, the quality of the information provided by gunshot detection and alert systems is unmatched: number of rounds, sequence in which events occurred, and other data will be presented to the first officers on the scene. In combination with Law Enforcement’s new framework for responding to active shooters, such situational awareness is critical to responding swiftly and with maximum precision.

4. The system must detect coordinated attacks at multiple locations:

SST's Incident Review Center has the ability to detect attacks occurring at multiple locations and provide rapid notification to first responders as well as related support agencies such as the Department of Homeland Security. This capability can be provided to umbrella agencies responsible for the oversight of grid security on a regional or national level.


SST Real-Time Incident Review Center

SST, Inc. operates a 24x7x365 Real-Time Incident Review Center (IRC) at its national headquarters in Newark, CA. This facility, with redundant connections to systems nationwide, monitors gunfire acoustic events across the nation—and, indeed, now in several countries and on several continents. We believe IRC personnel will constitute the critical missing link in addressing Challenge #2 (Current motion sensor technology and camera systems are ineffective in detecting gunfire attacks).

Real-Time Incident Review Center, SST, Inc.

SST’s Real-Time Incident Review Center processes incidents in seconds, collecting data from sensors deployed worldwide, to deliver critical tactical information to public safety first responders

System Architecture

The SST system architecture leverages the existing installed base and significant experience with acoustic sensors in mission-critical environments:

- Existing 24x7x365 world-class data center, with triply redundant high-bandwidth Internet connectivity, doubly redundant power and environmental controls, and biometric and physical security systems.
- End-to-end data architecture for capturing, recording, evaluating, and notifying end-user first responders of critical, time-sensitive incident alerts.
- Experience integrating these alerts into PSIM, CAD, video surveillance, and many other on-site physical security platforms while still maintaining a world-class cloud-based back-end infrastructure
- Proven operation and reliability in high voltage environments.
- Weather- and security-hardened to survive many years in rough outdoor conditions.
- The ability to remotely monitor and configure sensors via either a cellular or Ethernet backhaul system to minimize maintenance visits.


SiteSecure System Architecture

SiteSecure Outdoor Sensors: Installation Overview

A small number of fence- or pole-mounted sensors will be deployed at each substation. These sensors are typically used by SST for covering large urban areas and are weather- and security-hardened to survive many years in rough outdoor conditions. They can be monitored and configured remotely, and provide overlapping arrays to augment system accuracy and detection reliability. The sensors collaborate and detect jointly; no single sensor constitutes a single point of failure.


ShotSpotter SiteSecure Compared to Alternate Methods of Gunshot Detection

Detection Capabilities

| SST's ShotSpotter SiteSecure | Most Counter-Sniper Point Solutions |
|---|---|
| Detects a Wide Range of Sharp Acoustic Events (e.g. Explosions, Subsonic, Supersonic Gunfire) | Only Supersonic Rounds from specific, pre-specified weapons |
| Provides impact noise of bullets striking infrastructure (can provide location of impacts in later investigation) | Does not report impact noises or locations |
| Wide Area Incident Detection: fired and directed anywhere within coverage area | Only Detects Incoming Gunfire (bullet must pass within 30-50 meters of sensor) |
| Incidents geolocated (latitude, longitude); range and bearing calculated from 1 or more locations | Bearing (direction) and possibly range detected if known, pre-specified weapon; latitude/longitude requires add-on GPS and integration |
| Collaborative sensor approach: no single sensor point of failure; multiple sensors add accuracy and context to each incident | Each sensor stands alone and, due to bullet flight-path requirements, constitutes a single point of failure |
| Multiple-sensor and multiple-round incidents bundled and displayed as single, unified incident. Multiple shooters identified and highlighted. | Unknown. Multiple shooters not highlighted. |
| Audio Playback Auto-Sent to First Responders. Audio record permanently stored for subsequent investigation/court proceedings. | Audio Not Available |
| Expert 24/7 Review, Classification and Contextualization | No Review, Extremely Limited Information |
| Ability to Rapidly Detect Simultaneous Attacks at Multiple Incident Locations | None Networked, Standalone |
| Ability to Detect and Geolocate Incident Well Outside Perimeter | Only incidents fired at sensors, only from supersonic projectiles |
| Map-Driven, Highly Contextualized Alerts (Location on Satellite Imagery/Substation Blueprint). Accepted by 911 - Augmented Priority | Range and bearing from arbitrary sensor locations. Requires external map interface (if any). Depends on Manual Telephone Call to 911 |
| Direct any number of cameras from any number of locations towards origin of incidents (or other presets). | Range/bearing approach limits integration to a single camera which must be co-located with sensor; other cameras may not catch shooter due to lack of consistent range and elevation error (geolocation quality) |
| Robust, auditable back-end database of all acoustic events (gunfire, explosions, and other, non-gunfire events) maintained for analysis and performance management. Full software tools for browsing history and comparing incidents. | No centralized database (unless separately integrated) |
| Proven API Enables Integration with Complementary Technologies into Comprehensive System | Lack of Native Geolocation Hinders Effective Integration |

Managed vs. OnSite Network

| SST's ShotSpotter SiteSecure | Most Counter-Sniper Point Solutions |
|---|---|
| Separate Robust, Secure, Managed Network | Requires Use of Customer's Network, More Complicated, Less Secure |
| No On-Premises Equipment other than Sensors | Requires On-Premises Server and Customer IT Support |
| Redundant Network Operation Centers and High Availability (HA) System Design | Many Single Points of Failure |
| Remote and Transparent Updates and Support | Requires On-Site Support |

Cost Effectiveness

| SST's ShotSpotter SiteSecure | Most Counter-Sniper Point Solutions |
|---|---|
| Small Number of Sensors Required to cover full area | Requires Large Number of Sensors to cover full area |
| Available in 5 and 10-Year Lifecycle Pricing Configurations | Requires 3rd Party Separately-Priced Maintenance Contract |
| Managed, Cloud-Based System Requires no Customer Overhead | Requires Customer Support and Overhead |

How Viewed by First Responders?

| SST's ShotSpotter SiteSecure | Most Counter-Sniper Point Solutions |
|---|---|
| Credible, Trusted, Given Higher Priority | Unknown |
| Track Record of Court Accepted Evidence. Case Law - Proven Accuracy | Untested, Unproven |
| Reliable; Few False Positives | N/A |
| Provides Critical Info: # Shooters, # Weapons, Direction of travel (multiple rounds fired) relative to Critical Assets. | Does Not Provide shooter count, weapon count, or speed/direction of moving shooter |

Additional Benefits

| SST's ShotSpotter SiteSecure | Most Counter-Sniper Point Solutions |
|---|---|
| Web-Based UI, users with accounts can log in anywhere authorized; no limit on number of users. Available at SOC, Public Safety/Law Enforcement station(s), in Mobile responder vehicles, or via email (mobile device, e.g. smartphone) | Requires 3rd Party Installed Software |
| 2-Year Online Data Storage for Investigations | No Data Storage |
| Purpose Built Sensor Technology with Proven Lifecycle in Extreme Conditions | Repurposed Sensors - No History of Long Periods of Fixed Application |
| Small Footprint Sensor, Covert Design, Does not Require Co-Location with other Security Devices | Highly Noticeable, Large Devices which appear to be “Out of Place” |
| Expert Witness and other Evidentiary Service at no Additional Cost | Does Not Produce Qualified Data |
| Can be tested in place (in situ), does not require that sensors be fired at. Blanks can be used (for nearby testing). | Because sensors must be fired at with live, supersonic munitions, testing is risky and dangerous; many critical facilities have refused to test in place due to these requirements. |
| Deployment includes fully-documented deployment validation report, with statistical measurement of deployment, showing all incidents detected and located | Unknown; never produced. |

Company Background

About SST, Inc.

SST, Inc. consults and partners with local and federal law enforcement agencies in the US and abroad to reduce gunshot violence through the use of its gunfire alert and analysis solution. SST’s ShotSpotter™ Flex is the leading gunfire alert and analysis solution for detecting gunshots and providing critical intelligence to give law enforcement agencies the detailed real-time data needed to investigate, analyze and prosecute gun related crimes. The company’s deep domain experience, along with cumulative agency best practice experience, delivers measurable outcomes that contribute to reducing gun violence. SST is a proven solution provider with installations across the United States and the world. Privately held, the company possesses multiple patents resulting from nearly two decades of innovation in the area of acoustic gunshot location technology. SST, Inc. is Safety Act certified by the United States Department of Homeland Security.

Founded: 1995

Headquarters: Newark, California, USA

Ownership: Privately Held

Employees: 60

Products: ShotSpotter Flex℠, ShotSpotter SiteSecure™, SecureCampus™

Customer Data: 90+ installations worldwide; 70+ U.S. locations; 4 countries; hundreds of square miles monitored

Implementations (Subset) Include:

North America: Baton Rouge, LA; Birmingham, AL; Boston, MA; Camden, NJ; Chicago, IL; East Palo Alto, CA; Gretna, LA; Jefferson Parish, LA; Los Angeles County, CA; Milwaukee, WI; Minneapolis, MN; Montgomery, AL; Nassau County, NY; Newark, NJ; Oakland, CA; Omaha, NE; Richmond, CA; Riviera Beach, FL; Rochester, NY; Rocky Mount, NC; Saginaw, MI; San Francisco, CA; Springfield, MA; Suffolk County, NY; U.S. Virgin Islands; Washington, DC; Wilmington, NC; Youngstown, OH.

International: Canoas, RS, Brazil; Rio de Janeiro, RJ, Brazil; Panama City, Panama.

Contact Information

Security Hotline: +1 (510) 794-3154 direct dial

Email: [email protected]

Web: www.ShotSpotter.com


About ShotSpotter

ShotSpotter Flex helps local law enforcement agencies by directing police to the precise location of illegal gunfire incidents enabling first responders to aid victims, collect evidence and quickly apprehend armed, dangerous offenders. The ShotSpotter actionable intelligence can then be used to prevent future crimes by positioning law enforcement when and where crime is likely to occur. With ShotSpotter Flex police now possess a scientific barometer of success since smart policing leads to fewer shootings.

About SST, Inc.

SST, Inc. is the global leader in gunfire detection and location technology providing the most trusted, scalable and reliable gunfire alert and analysis solutions available today. SST ShotSpotter’s inaugural 2013 National Gunfire Index, released in April 2014, revealed that gunshots are both vastly under-estimated and under-reported. SST’s ShotSpotter Flex℠ is the leading gunfire alert and analysis solution for detecting gunshots and providing critical intelligence to give law enforcement agencies the detailed real-time data needed to investigate, analyze and prosecute gun related crimes. The company’s deep domain experience, along with cumulative agency best practice experience, delivers measurable outcomes that contribute to reducing gun violence. SST is a proven solution provider with more than 80 installations across the United States and the world. Privately held, the company possesses multiple patents resulting from nearly two decades of innovation in the area of acoustic gunshot location technology. Information about SST and ShotSpotter can be found at www.sst-inc.com or www.shotspotter.com. The full 2013 National Gunfire Index can be downloaded at www.ShotSpotter.com/ngi. You can also follow SST and ShotSpotter solutions on Twitter, Facebook, LinkedIn and YouTube.

For more information on SST, please visit www.sst-inc.com or www.shotspotter.com.
